Re: I've inherited a botnet target

* LuKreme : > It's in 2.7 only, yes? I'm still running 2.6. It's in the snapshots > Just add: > > postscreen_dnsbl_sites zen.spamhous.org > > To a 2.7 config? No, you really have to read the README, since there are changes to master.cf as well! -- Ralf Hildebrandt Geschäftsbereich IT | A

Re: I've inherited a botnet target

* Nataraj : > How does rate limiting work in conjunction with postscreen? Just like without postscreen -- Ralf Hildebrandt Geschäftsbereich IT | Abteilung Netzwerk Charité - Universitätsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155

Re: disable bounce notification

Noel Jones wrote: > On 5/26/2010 11:55 AM, Giovanni Mancuso wrote: >> Hi, >> >> I would disable in my postfix installation the sending of bounce mail. > > Solve the right problem; don't accept mail you can't deliver. I can't do it, because my antispam server return 550 to my postfix that is a MX re

illegal address syntax

Hi Everyone, I'm currently in the middle of watching a customer's mail.log file. He is trying to send an email to a lot of people at once (Something like 5000), however the logs don't reflect this. Instead I'm seeing: May 27 10:32:41 server1 postfix/smtpd[8144]: connect from office1.domain.l

Re: illegal address syntax

* Jonathan Tripathy : > Hi Everyone, > > I'm currently in the middle of watching a customer's mail.log file. > He is trying to send an email to a lot of people at once (Something > like 5000), however the logs don't reflect this. Instead I'm seeing: > > May 27 10:32:41 server1 postfix/smtpd[8144]

Re: illegal address syntax

On 27/05/10 10:41, Jonathan Tripathy wrote: Hi Everyone, I'm currently in the middle of watching a customer's mail.log file. He is trying to send an email to a lot of people at once (Something like 5000), however the logs don't reflect this. Instead I'm seeing: May 27 10:32:41 server1 postf

Re: illegal address syntax

too many errors after... raise the soft_error_limit and/or the hard_error_limit Ah! So my postfix server has a limit then. Where can I put these settings? In main.cf ?

Re: illegal address syntax

* Jonathan Tripathy : > > >too many errors after... > > > >raise the soft_error_limit and/or the hard_error_limit > > > > Ah! So my postfix server has a limit then. Where can I put these > settings? In main.cf ? Yes, like almost all settings... smtpd_hard_error_limit = 1000 smtpd_soft_error_lim

Re: illegal address syntax

* Jonathan Tripathy : > Even after removing those 2 address from the list, we are still > getting the "too many errors after RCPT from > office1.domain.local[10.86.1.101]" (Of course, the 2 email addresses > aren't mentioned anymore) And what's it complaining about now (BTW, that's why one uses m

Re: illegal address syntax

On 27/05/10 11:11, Ralf Hildebrandt wrote: * Jonathan Tripathy: too many errors after... raise the soft_error_limit and/or the hard_error_limit Ah! So my postfix server has a limit then. Where can I put these settings? In main.cf ? Yes, like almost all settings... s

Re: user unknown, not getting mapped

On 2010-05-26 9:50 PM, Sahil Tandon wrote: > Do not, as suggested by another poster, simply requeue ALL messages > -- unless, of course, that is what you really intend. Ooops, thanks for catching that Sahil. I have a fairly low volume server, so my queue is essentially always empty - so I can safe

Error with the command XXXX

Hello, I see sometimes the following error in the logfile : May 27 13:04:43 smtp-1 postfix/smtpd[28724]: too many errors after UNKNOWN from mail.everbridge.net[63.236.8.147] May 27 12:32:42 smtp-1 postfix/smtpd[20935]: too many errors after UNKNOWN from paradis.cirad.fr[193.51.113.1] and I w

Re: disable bounce notification

On 2010-05-27 5:19 AM, Giovanni Mancuso wrote: > Noel Jones wrote: >> On 5/26/2010 11:55 AM, Giovanni Mancuso wrote: >>> I would disable in my postfix installation the sending of bounce >>> mail. >> Solve the right problem; don't accept mail you can't deliver. > I can't do it, Yes, you can, you

Re: Error with the command XXXX

Pascal Maes: > May 27 02:32:36 smtp-1 postfix/smtpd[7464]: > paradis.cirad.fr[193.51.113.1]: > 220 smtp1.sgsi.ucl.ac.be ESMTP > smtpd_banner = $myhostname ESMTP > May 27 02:32:36 smtp-1 postfix/smtpd[7464]: < paradis.cirad.fr[193.51.113.1]: > paradis.cirad.fr > May 27 02:32:36 smtp-1 postfix

postscreen questions

I've been investigating postscreen, as we've been address probed/bombed for years, as we have a few domains that are very old (well, early 90s) that had a lot of users back in the dialup days. Our approach was to just throw hardware at the problem, and we've had a whole cluster of servers just

recipient_delimiter and check_recipient_access

Hello, all. I'm using a mailrelay and an internal server setup. The mailrelay receives mail from the internet, runs a number of checks + spamassassin + clamav then passes mail to the internal mail server. One of the checks enforced on the mailrelay is check_recipient_access hash:/etc/postfix/use

Re: postscreen questions

Am 27.05.2010 15:34, schrieb Andy Dills: > > I've been investigating postscreen, as we've been address probed/bombed > for years, as we have a few domains that are very old (well, early 90s) > that had a lot of users back in the dialup days. Our approach was to just > throw hardware at the prob

Re: I've inherited a botnet target

On 5/26/2010 8:21 PM, LuKreme wrote: On 26-May-2010, at 17:01, Noel Jones wrote: On 5/26/2010 5:34 PM, LuKreme wrote: postscreen is currently available in the postfix 2.8 snapshots. Instructions for activating postscreen are included in the RELEASE_NOTES. eg. http://postfix.energybeam.co

Re: postscreen questions

Andy Dills: > > I've been investigating postscreen, as we've been address probed/bombed > for years, as we have a few domains that are very old (well, early 90s) > that had a lot of users back in the dialup days. Our approach was to just > throw hardware at the problem, and we've had a whole cl

Re: user unknown, not getting mapped

On Wed, May 26, 2010 at 16:52, Charles Marcus wrote: > On 2010-05-26 4:12 PM, Phil Howard wrote: >> Is there a way to get it to be remapped now that it is in the >> delivery queue? Or should I just create a mailbox for f...@example.com >> and mv the file over to b...@example.com? > > Not sure if i

Re: recipient_delimiter and check_recipient_access

On 5/27/2010 8:47 AM, Emmanuel Seyman wrote: Hello, all. I'm using a mailrelay and an internal server setup. The mailrelay receives mail from the internet, runs a number of checks + spamassassin + clamav then passes mail to the internal mail server. One of the checks enforced on the mailrelay

Re: IDN domain name support

Dear all, I've just made a test from Gmail and my Thunderbird mail client sending a mail to a non-real IDN mail user: alejan...@años.com.ar - My Thunderbird says: "An error ocurred while sending mail. Tha mail servers responded: 5.1.3 Bad recipient address syntax" (THIS IS A SERVER RESPONSE) - T

Re: IDN domain name support

On 5/27/2010 2:29 PM, Alejandro Cabrera Obed wrote: > Dear all, I've just made a test from Gmail and my Thunderbird mail > client sending a mail to a non-real IDN mail user: > > alejan...@años.com.ar > > - My Thunderbird says: "An error ocurred while sending mail. Tha mail > servers responded: 5.1.

Re: IDN domain name support

OK, this is in case of my Thunderbird Debian lenn package, but what about the Gmail syntax error warning ??? In Hotmail is the same, it tells me that the recipient address just must have 1-9, a-z and @ charactersin this case with my IDN domain I wiil remain isolate of the Hotmail, Yahoo, Gmail

Re: IDN domain name support

Alejandro Cabrera Obed wrote: > Dear all, I've just made a test from Gmail and my Thunderbird mail > client sending a mail to a non-real IDN mail user: > > alejan...@años.com.ar > > - My Thunderbird says: "An error ocurred while sending mail. Tha mail > servers responded: 5.1.3 Bad recipient add

Re: IDN domain name support

On Thu, May 27, 2010 at 04:01:41PM -0300, Alejandro Cabrera Obed wrote: > OK, this is in case of my Thunderbird Debian lenn package, but what > about the Gmail syntax error warning ??? In Hotmail is the same, it > tells me that the recipient address just must have 1-9, a-z and @ > charactersin

Re: IDN domain name support

Per Jessen wrote: >> So, I think the IDN domain name support is not complete nowadays, >> neither by mail servers nor by mail clients. So it's not convenient >> the IDN mail implementation in this bad situation. >> >> What do you think about this matter ??? > > I think you're wrong - my thunderb

Re: postscreen questions

Andy Dills wrote: I've been investigating postscreen, as we've been address probed/bombed for years, as we have a few domains that are very old (well, early 90s) that had a lot of users back in the dialup days. Our approach was to just throw hardware at the problem, and we've had a whole cluste

Re: IDN domain name support

>> Wietse, thanks...but in Postfix I have to work with the ?o?o.com.ar >> domain name or with the xn--oo-yjab.gov.ar punycode domain name ??? > > The MAIL CLIENT must tranform non-ASCII domain names before > sending MAIL FROM or RCPT TO commands. ICANN did not really consider the security and port

Re: postscreen questions

On 27-May-2010, at 07:34, Andy Dills wrote: > > I've been investigating postscreen, as we've been address probed/bombed > for years, as we have a few domains that are very old (well, early 90s) > that had a lot of users back in the dialup days. Our approach was to just > throw hardware at the p

Re: IDN domain name support

On 27-May-2010, at 13:36, Pat wrote: > > we are not interested in > experimental code and do not want to use a version of bind or postfix that > cannot > be compiled to refuse IDNs. If you refuse properly delegated IDNs then you are broken, pure and simple. This is WHY punycode exists, as it re

Re: IDN domain name support

On Thu, May 27, 2010 at 03:36:19PM -0400, Pat wrote: > ICANN did not really consider the security and portability of IDNs > before permitting them. The reasons for this are many, and speak > poorly to ICANN's management structure. It is important to remember > that ICANN's action does not mean t

Re: which port to use for SSL/TLS?

At Tue, 25 May 2010 16:00:36 -0400, Phil Howard wrote: Subject: Re: which port to use for SSL/TLS? > > At this point I'm just not going to support SMTP wrapped/tunneled over > SSL/TLS ... on any port. But just in case something comes up where I > have to support it, I do have the config for it i

change return-path to custom value

Hi everyone, I am trying to get message bounces/delays piped into a script while keeping the user-visible From: header intact. To do this, I have asked the senders to relay through me and include a header of the form X-bounces-to: scriptal...@mydomain.com. In the postfix relay host I added main.cf

Re: Spampd proxy bypassed by some mails

Jan-Kaspar Münnich a écrit : > Hello, > > I've setup Postfix 2.7.0 to relay all mails to the local proxy spampd: > > smtp inet n - n - 25 smtpd > -o smtpd_proxy_filter=127.0.0.1:10025 > -o smtpd_proxy_options=speed_adjust > 127.0.0.1:10026 inet n

Re: change return-path to custom value

Razvan Cosma a écrit : > Hi everyone, > I am trying to get message bounces/delays piped into a script while > keeping the user-visible From: header intact. To do this, I have asked > the senders to relay through me and include a header of the form > X-bounces-to: scriptal...@mydomain.com >

Re: change return-path to custom value

Razvan Cosma: > /^Return-Path: (.*)/REPLACE X-Original-Return-Path: $1 > /^X-bounces-to: (.*)/REPLACE Return-Path: $1 The Return-Path: header DOES NOT CONTROL delivery of bounce messages. Instead, bounce messages are sent to the envelope sender address (the address in the MA

Re: Spampd proxy bypassed by some mails

On 28.05.2010, at 24:12, mouss wrote: > check your spampd: as there any cases where it would pass mail without > checking it Example: wrong whitelisting mechanism. a common error in > spamassassin is to use whitelist_from (which is easily abused by sender > forgery). I'm sure it can't be a miscon

Re: Spampd proxy bypassed by some mails

Jan-Kaspar M?nnich: > Hello, > > I've setup Postfix 2.7.0 to relay all mails to the local proxy spampd: > > smtp inet n - n - 25 smtpd > -o smtpd_proxy_filter=127.0.0.1:10025 > -o smtpd_proxy_options=speed_adjust > 127.0.0.1:10026 inet n -

Re: Spampd proxy bypassed by some mails

On 28.05.2010, at 02:45, Wietse Venema wrote: > The pastebin logging does not prove that spam came in on this port 25. Thanks a lot, that was the hint! I had recently misconfigured port 587. Now I changed it to: 587 inet n - n - - smtpd -o smtpd_client_rest